Hello all, hope you are all doing great.

I have set up syslog-ng on a host and I am able to see packets on tcpdump, but syslog-ng is not writing to the specified paths.

I have checked firewall rules, filters, write permissions at the path. I have another host on the same VLAN with the same config that is able to receive packets and write to the destination.

What am I missing?

Version used:
syslog-ng 3.9.1
Installer-Version: 3.9.1
Revision:
Module-Directory: /usr/local/lib/syslog-ng
Module-Path: /usr/local/lib/syslog-ng
Available-Modules: syslogformat,afsocket,affile,afprog,afuser,afamqp,afmongodb,csvparser,confgen,system-source,linux-kmsg-format,basicfuncs,cryptofuncs,dbparser,json-plugin,afstomp,pseudofile,graphite,sdjournal,kvformat,date,cef,disk-buffer,add-contextual-data
Enable-Debug: off
Enable-GProf: off
Enable-Memtrace: off
Enable-IPv6: on
Enable-Spoof-Source: off
Enable-TCP-Wrapper: off
Enable-Linux-Caps: off


syslog-ng -Fvde shows:
[2017-08-03T13:57:20.214552] Module loaded and initialized successfully; module='syslogformat'

Any help is appreciated.


Thanks,
Vijay Amrut.